
package com.wobaby.security;

import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;

import com.wobaby.util.log.Log;
import com.wobaby.util.log.LogPrinter;
import com.wobaby.vo.UserVO;

// Referenced classes of package com.wobaby.security:
//            Checker, PermissionException

class WebChecker extends Checker
{

    WebChecker()
    {
    }

    public static void checkPermission(String resource, HttpServletRequest request)
        throws PermissionException
    {
        UserVO uvo = getUser(request);
        checkPermission(resource, uvo.getUserID(), request);
    }

    public static void checkPermission(String resource, Integer userID, HttpServletRequest request)
        throws PermissionException
    {
        int result = checkPermissionInternal(resource, userID, requestToMap(request));
        LogPrinter lp = Log.getLog("auth");
        if(lp.configuredFor(0))
            lp.trace(com.wobaby.security.WebChecker.class, resource + " checkPermission :" + result);
        if(result > 0)
            throw noPermission(trimResourceName(resource), result);
        else
            return;
    }

    public static boolean hasPermission(String resource, HttpServletRequest request)
    {
        UserVO uvo = getUser(request);
        return hasPermission(resource, uvo.getUserID(), request);
    }

    public static boolean hasPermission(String resource, Integer userID, Map params, StringBuffer denyMessage)
    {
        int result = checkPermissionInternal(resource, userID, params);
        LogPrinter lp = Log.getLog("auth");
        if(lp.configuredFor(0))
            lp.trace(com.wobaby.security.WebChecker.class, resource + " hasPermission :" + result);
        boolean permitted = result == 0;
        if(!permitted && denyMessage != null)
            denyMessage.append(noPermission(trimResourceName(resource), result).getDescription());
        return permitted;
    }

    public static boolean hasPermission(String resource, HttpServletRequest request, StringBuffer returnMessage)
    {
        UserVO uvo = getUser(request);
        return hasPermission(resource, uvo.getUserID(), request, returnMessage);
    }

    public static boolean hasPermission(String resource, Integer userID, HttpServletRequest request)
    {
        return hasPermission(resource, userID, request, null);
    }

    private static boolean hasPermission(String resource, Integer userID, HttpServletRequest request, StringBuffer denyMessage)
    {
        int result = checkPermissionInternal(resource, userID, requestToMap(request));
        LogPrinter lp = Log.getLog("auth");
        if(lp.configuredFor(0))
            lp.trace(com.wobaby.security.WebChecker.class, resource + " hasPermission :" + result);
        boolean permitted = result == 0;
        if(!permitted && denyMessage != null)
            denyMessage.append(noPermission(trimResourceName(resource), result).getDescription());
        return permitted;
    }

    private static UserVO getUser(HttpServletRequest request)
        throws PermissionException
    {
        UserVO uvo = (UserVO)request.getSession().getAttribute("USERVO");
        if(uvo == null)
        {
            Log.getLog("auth").trace(null, "No LOGIN_USER found in session");
            PermissionException pe = new PermissionException(6);
            throw pe;
        } else
        {
            return uvo;
        }
    }

    private static Map normalize(Map origMap)
    {
        HashMap newMap = new HashMap();
        if(origMap != null)
        {
            Iterator it = origMap.keySet().iterator();
            do
            {
                if(it == null || !it.hasNext())
                    break;
                Object key = it.next();
                String values[] = (String[])(String[])origMap.get(key);
                if(values != null && values.length > 0 && values[0] != null)
                    if(values.length == 1)
                        newMap.put(key, values[0].trim());
                    else
                        newMap.put(key, values);
            } while(true);
        }
        return newMap;
    }

    private static Map requestToMap(HttpServletRequest request)
    {
        Map newMap = normalize(request.getParameterMap());
        Object o;
        for(Enumeration enumeration = request.getAttributeNames(); enumeration.hasMoreElements(); newMap.put(o, request.getAttribute(o.toString())))
            o = enumeration.nextElement();

        return newMap;
    }

    static LogPrinter lp = Log.getLog("auth");

}